Описание
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
An out-of-bounds read vulnerability was discovered in tcpdump while printing IEEE 802.11 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | tcpdump | Out of support scope | ||
| Red Hat Enterprise Linux 6 | tcpdump | Out of support scope | ||
| Red Hat Enterprise Linux 7 | tcpdump | Fix deferred | ||
| Red Hat Enterprise Linux 8 | tcpdump | Fixed | RHSA-2020:4760 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read ...
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
Уязвимость компонента print-802_11.c утилиты для перехвата и анализа сетевого трафика tcpdump, позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3